#FactCheck -AI-Manipulated Clip Misrepresents PM Modi’s Remarks on Iran-Israel Conflict

Introduction

Emerging technologies in the digital era have made their inroads in manifold domains and locations, including the “Aviation industry”. A 2022 Cranfield University and Inmarsat report has made the point for digitalization powering a reviving age for the aviation industry. Several airport authorities are presently mobilizing power of emerging technologies such as Artificial Intelligence (AI) across the airport bedrock to provide travelers with a plain sailing and expeditious air travel experience.

The Perils of Juice-Jacking

Today, Universal Serial Bus (USB) charging ports are ubiquitous and a convenient way for travelers to keep their devices powered up. In their busy, mundane lives, people use the public charging facility while travelling. However, cybersecurity experts have warned that charging in public areas could wipe off data from an electronic device or install malware, and they have urged people to stay away from USB charging ports at airports and other public areas. This leads to the possibility that fraudsters may manipulate susceptible users via juice jacking.

Investigative journalist Brian Krebs in 2011 coined the term "Juice Jacking". It isa form of cyber attack where a public USB charging port is fiddled with and infected using hardware and software changes to pocket data or install malware on devices connected to it. The term “juice jacking” is a slang representation for electric power or energy, and “hijacking” indicates an unauthorized key toa device.

While the preliminary purpose of juice jacking is usually to pilfer sensitive information from corresponding devices, such as passwords and payment card details, attackers can exploit this stolen information to attain unauthorized to your financial accounts. If the adversary attacker installs malware in the electronic device during the juice jacking strategy, the attacker may further observe the individual's movements even after one has disconnected the device from the USB port. However, the hazards of Juice Jacking include malware infection, data heist, economic loss and damage to the reputation of an individual.

RedFlags from Agencies

In2023, the Federal Bureau of Investigation (FBI) forewarned travelers against using charging stations in public zones such as hotels, airports, and shopping malls due to malicious actors attempting to use the public USB to introduce monitoring software and malware into devices. The U.S. Federal Communications Commission (FCC) has also administered a new advisory regarding “juice jacking "and its possibility of launching a hushed cyber attack against a mobile gadget while one is charging the phone with a USB cord. Similarly, according to new research from International Business Machines (IBM) Security, many nation-state hackers are currently training their eyes on travelers.

RBI Advisory

Recently in 2024, The Reserve Bank of India (RBI) has likewise administered a warning statement to mobile phone users urging them against charging their devices using public ports. RBI has additionally accentuated the importance of safeguarding private and financial data while using mobile devices. Juice jacking is further cited as one of the scams in the RBI booklet on the modus operandi of financial fraudsters in the financial space.

Preventing juice jacking attacks

The routes to avoid Juice Jacking are to keep a tab on the USB devices, not use the public charging ports, update the phone software regularly, enable and utilize the software security measures of the device, use a USB pass-through device, a wall outlet, or a backup battery; never use unknown charging cables and use only the trusted security apps. It is further important to avoid using cables that are left behind by other travelers in any public space. Users can correspondingly turn off their devices before connecting to a wary charging port. Nevertheless, the absence of documented cases does not necessarily imply that users cannot be a target of such an attack and a warning is still recommended when securing personal gadgets with susceptible user data while using standard cables. Also, using a virtual private network (VPN) and assuring that devices have the updated security updates established can aid in mitigating the danger of cyber attacks. It is equally important to utilize the security features of your device, such as passcodes, fingerprints, or facial recognition, enabled to count as a supplementary layer of safeguard.

Conclusion

In the contemporary digital age, individuals, on the whole, need to be vigilant about “Cybersecurity hygiene” and avoid accessing susceptible data or conducting financial transactions on unsecured networks. Mobile phones or devices should run on the latest operating system, and antivirus software should be revamped to mitigate conceivable security susceptibilities.

References

• https://www.forbes.com/sites/suzannerowankelleher/2023/04/20/juice-jacking-malware-phone-airports-hotels/?sh=47adab7e82ed
• https://www.businessairportinternational.com/features/how-ai-is-improving-business-aviation-operations.html
• https://www.news18.com/business/juice-jacking-attack-scam-bank-frauds-india-8412037.html
• https://www.comparitech.com/blog/information-security/juice-jacking/
• https://blogs.blackberry.com/en/2023/04/juice-jacking-advisory
• https://www.thehindubusinessline.com/info-tech/juice-jacking-rbi-issues-warning-against-charging-mobile-phones-using-public-ports/article67895091.ece
• https://www.thehindu.com/sci-tech/technology/juice-jacking-how-hackers-target-smartphones-tethered-to-public-charging-points/article67026433.ece
• https://www.forbes.com/sites/suzannerowankelleher/2019/05/21/why-you-should-never-use-airport-usb-charging-stations/?sh=630f026a5955
• https://edition.cnn.com/2023/04/12/tech/fbi-public-charging-port-warning/index.html
• https://social-innovation.hitachi/en-in/knowledge-hub/hitachi-voice/digital-transformation/
• https://www.inmarsat.com/en/insights/aviation/2022/future-aviation-connectivity.html

Introduction

Google is committed to supporting the upcoming elections in India by providing high-quality information to voters, safeguarding platforms from abuse, and helping people navigate AI-generated content. Google will connect voters to helpful information through enhanced features, collaborating with the Election Commission of India (ECI) to provide voting information in both English and Hindi. Emphasis is also placed on showcasing authoritative information on YouTube. YouTube will highlight authoritative news sources and offer context on topics prone to misinformation. YouTube also appends information panels directing viewers to the Election Commission of India's FAQs. This support will help millions of eligible voters navigate the electoral process and ensure a fair and transparent election process.

Key Highlights of Google’s Approach

The step taken by Google will support the democratic process during the upcoming General Election in India. The initiative focuses on three main pillars: disseminating information, tackling misinformation, and navigating AI-generated content.  Google is enhancing its Search and YouTube features to provide essential election-related information, including voter registration, polling guidelines, and candidate profiles. Google is also addressing the challenges posed by AI-generated content by offering clarity on content origins, particularly for election-related ads and YouTube videos. Google has strict policies and restrictions regarding who can run election-related advertising on its platforms, including identity verification, pre-certificates, and in-ad disclosures. Additionally, Google is utilising tools and policies like Ads disclosures, content labels on YouTube, and digital watermarking to help users to identify AI-generated content.

Google has joined hands with ECI

The tech giant Google is partnering with the Election Commission of India (ECI) to provide voting information on Google Search in both English and Hindi. YouTube will feature election information panels, including candidate profiles and registration guidelines, ensuring users have access to authoritative sources. Google's recommendation system will display content from trusted publishers on election-related topics. Protecting the integrity of elections is a top priority, and the company is employing advanced AI models and machine learning techniques to identify and remove content that violates its policies at scale. A dedicated team of local experts across major Indian languages is assigned to provide relevant context and ensure swift action against emerging threats. Google is also tightening up who can advertise on its platforms, requiring advertisers to undergo an identity verification process and obtain a pre-certificate from the ECI or authorised entities for each election ad they wish to run.

Tackling Electoral Misinformation

Google is enhancing its platform security measures to prevent misinformation. It is using AI models and human expertise to identify and address policy violations, while stringent verification processes and disclosures are being implemented to maintain user trust.

Collaborations to promote reliable information

Google is supporting the Shakti, India Election Fact-Checking Collective, a consortium of news publishers and fact checkers to detect online misinformation, including deepfakes. The project will provide news entities and fact checkers with essential training in fact-checking methodologies, deepfake detection, and the latest Google tools to streamline verification processes, as stated in Google’s blog post.

Conclusion

Google has taken proactive steps to ensure a secure electoral process during the upcoming general elections in India. These include preventing the misuse of false information by helping voters navigate AI-generated content and safeguarding its platforms from abuse. Google India has built faster and more adaptable enforcement systems with recent advances in its Large Language Models (LLMs), enabling the company to remain nimble and take action quickly when new threats emerge. Google is dedicated to collaborating with government, industry, and civil society to provide voters with reliable and trustworthy online information. Google is implementing a comprehensive strategy to empower voters, safeguard its platforms, and combat misinformation in India's upcoming general elections. Google’s step is commendable and aims to ensure a secure electoral process, empowering millions of citizens to exercise their democratic rights.

References:

• https://blog.google/intl/en-in/company-news/outreach-initiatives/supporting-the-2024-indian-general-election/
• https://inc42.com/buzz/following-gemini-row-google-strengthens-checks-on-ai-generated-content-before-elections/#:~:text=In%20an%20effort%20to%20ensure,safeguarding%20its%20platforms%20from%20abuse
• https://www.indiatvnews.com/technology/news/google-introduces-enhanced-tools-for-supporting-elections-in-india-2024-03-12-921096
• https://economictimes.indiatimes.com/news/elections/lok-sabha/india/google-ties-up-with-eci-to-prevent-spread-of-false-information/articleshow/108431021.cms?from=mdr
• https://www.businesstoday.in/technology/news/story/google-joins-hands-with-election-commission-of-india-to-help-voters-via-search-youtube-421112-2024-03-12
• https://indianexpress.com/article/technology/tech-news-technology/google-2024-general-elections-support-9209588/

‍

Introduction 

As various technological developments enable our phones to take on a greater role, these devices, along with the applications they host, also become susceptible to greater risks. Recently, Zimperium, a tech company that provides security services for mobiles and applications from threats like malware, phishing, etc., has announced its identification of a malware that is targeted toward stealing information from Indian Banks. The Indian Express reports that data from over 25 million devices has been exfiltrated, making it increasingly dangerous, just going by the it has affected so far.

Understanding the Threat: The Case of FatBoyPanel 

A malware is a malicious software that is a file or a program, intentionally harmful to a network, server, computer, and other devices. It is also of various types; however, in the context of the aforementioned case, it is a Trojan horse i.e., a file/program designed to trick the victim into assuming it to be a legitimate software program that is trying to gain access. They are able to execute malicious functions on a device as soon as they are activated post-installation. 

The FatBoyPanel, as it is called, is a malware management system that carried out a massive cyberattack, targeting Indian mobile users and their bank details. Their modus operandi included the process of social engineering, wherein attackers posed as bank officials who called their target and warned them that if no immediate action was taken to update their bank details, their account would be suspended immediately. On panicking and asking for instructions, they were told to download a banking application from the link sent in the form of an Android Package Kit (APK) file (that requires one to enable “Install from Unknown Sources” ) and install it. Various versions of similar incidents were acted on by other attackers, all to trick the target into downloading the file sent. The apps sent through the links are fake, and once installed, they immediately ask for critical permissions such as access to contacts, device storage, overlay permissions (to show fake login pages over real apps), and access to SMS messages (to steal OTPs and banking alerts). This aids in capturing text messages (especially OTPs related to banks), read stored files, monitor app usage, etc. This data is stolen and then sent to the FatBoyPanel backend, where hackers are able to see real-time data on their dashboard, which they can further download and sell.  FatBoyPanel is a C&C (command and control) server that acts as a centralised control room.

Protecting Yourself: Essential Precautions in the Digital Realm 

Although there are various other types of malware, how one must deal with them remains the same. Following are a few instructions that one can practice in order to stay safe:

• Be cautious with app downloads: Only download apps from official app stores (Google Play Store, Apple App Store). Even then, check the developer's reputation, app permissions, and user reviews before installing.
• Keep your operating system and apps updated: Updates often include security patches that protect against known vulnerabilities.
• Be wary of suspicious links and attachments: Avoid clicking on links or opening attachments in unsolicited emails, SMS messages, or social media posts. Verify the sender's authenticity before interacting.
• Enable multi-factor authentication (MFA) wherever possible: While malware like FatBoyPanel can sometimes bypass OTP-based MFA, it still adds an extra layer of security against many other threats. 
• Use strong and unique passwords: Employ a combination of uppercase and lowercase letters, numbers, and symbols for all your online accounts. Avoid reusing passwords across different platforms.
• Install and maintain a reputable mobile security app: These apps can help detect and remove malware, as well as warn you about malicious websites and links (Bitdefender, etc.)
• Regularly review app permissions and give access judiciously: Check what permissions your installed apps have and revoke any that seem unnecessary or excessive. 
• Educate yourself and stay informed: Keep up-to-date with the latest cybersecurity threats and best practices.

Conclusion 

The emergence of malware management systems indicates just how sophisticated the attackers have become over the years. Vigilance at the level of the general public is recommended, but so are increasing efforts in awareness regarding such methods of crime, as people continue to remain vulnerable in aspects related to cybersecurity. Sensitive information at stake, we must take steps to sensitise and better prepare the public to deal with the growing landscape of the digital world.

References

• https://zimperium.com/blog/mobile-indian-cyber-heist-fatboypanel-and-his-massive-data-breach
• https://indianexpress.com/article/technology/tech-news-technology/fatboypanel-new-malware-targeting-indian-users-what-is-it-9965305/ 
• https://www.techtarget.com/searchsecurity/definition/malware 

‍